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(54) Key distribution system and method 

(57) A communication system (10) can maintain 
high security in communication between a communica- 
tion apparatus (1 1) and a terminal (12). The communi- 
cation system (10) includes the communication 
apparatus (11) and the terminal (12) provided with a 
memory unit (1 6) for storing data for specifying function 
of the communication apparatus. The communication 
apparatus (11) and the terminal (12) include random 
number generators (13, 13*) for generating random 
numbers, encryption/decryption key preparing units (1 4, 
14*) for preparing encryption/decryption keys (Y1) on 



the basis of both random numbers (R1) and (R2) gener- 
ated by the respective random number generators (13, 
1 3') of the communication apparatus (11) and the termi- 
nal (12) and a secret key (X1) held in common by the 
communication apparatus (11) and the terminal (12), 
and encryption/decryption processing units (15, 15*) for 
encrypting or decrypting communication data between 
the communication apparatus (1 1) and the terminal (12) 
containing the data by means of the encryption/decryp- 
tion key (Y1), respectively. 
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Description 

BACKGROUND OF THE INVENTION 

The present invention relates to a communication 
system including, for example, a communication appa- 
ratus and various terminals represented by, for exam- 
ple, IC cards used in combination with the 
communication apparatus to specify the function of the 
communication apparatus, and a communication 
method. 

There is proposed an attempt that a receiving appa- 
ratus capable of receiving a number of TV programs or 
radio programs is manufactured as a communication 
apparatus and the receiving apparatus and an IC card 
for placing restrictions on the receiving apparatus in 
accordance with contents of a contract are sold as a set. 

Stored in the IC card are data defined in accord- 
ance with the contents of the contract which enable the 
receiving apparatus to receive only a specific program 
or to receive programs only during a predetermined 
term of the contract, for example. 

Accordingly, when the IC card constituting a termi- 
nal is connected or loaded into the receiving apparatus 
combined with the IC card as the set, communication 
between the receiving apparatus and the IC card is per- 
formed. The receiving apparatus reads out the data for 
specifying the contract contents from the IC card by 
means of the communication, so that predetermined 
function is selectively given to the receiving apparatus 
on the basis of the data. 

In the communication between the receiving appa- 
ratus and the IC card, in order to prevent the iniquity by 
forgery, the authentication for judging whether both of 
them have genuine relation with each other based on 
the regular contract or not is performed and, after the 
authentication, transmission and reception of data for 
specifying the contract contents is made therebetween. 

Fig. 6 is a schematic diagram illustrating an exam- 
ple of a communication method in a communication 
system including an IC card and a receiving apparatus 
in a prior art 

As shown in Fig. 6, the conventional communica- 
tion system adopts the mutual authentication. 

An IC card 1 and a receiving apparatus 2 include 
random number generators 3 and 4, respectively. The 
receiving apparatus 2 transmits a random number R1 
generated by the random number generator 4 to an 
authentication code preparing unit 5a of the IC card 1 
and prepares at an authentication code preparing unit 
6a thereof an authentication code X* on the basis of a 
first secret key X1 held in common by the IC card 1 and 
the receiving apparatus 2 and the random number R1. 
The IC card 1 which has received the random number 
R1 prepares at the authentication code preparing unit 
5a thereof an authentication code X on the basis of the 
first secret key X1 and the random number R1 and 
sends the authentication code X to the receiving appa- 
ratus 2. 



The receiving apparatus 2 which has received the 
authentication code X from the IC card 1 compares at a 
comparison unit 8 thereof the authentication code X 
with the authentication code X' prepared by the authen- 

5 tication code preparing unit 6a to thereby perform a first 
authentication A. 

Further, the IC card 1 transmits a random number 
R2 prepared by a random number generator 3 thereof to 
an authentication code preparing unit 6b of the receiv- 

w ing apparatus 2 and prepares at an authentication code 
preparing unit Sb thereof an authentication code Y on 
the basis of a second secret key X2 held in common by 
the IC card 1 and the receiving apparatus 2 and the ran- 
dom number R2. The receiving apparatus 2 which has 

is received the random number R2 prepares at the 
authentication code preparing unit 6b an authentication 
code Y' on the basis of the second secret key X2 and 
the random number R2 and transmits the authentication 
coder to the ICcard 1. 

20 The IC card 1 which has received the authentica- 
tion code Y' from the receiving apparatus 2 compares at 
its comparison unit 7 the authentication code Y with the 
authentication code Y' prepared by the unit 6b of the 
receiving apparatus 2 to thereby perform a second 

25 authentication B. 

After it has been confirmed that both of them have 
genuine relation with each other based on the regular 
contract in accordance with the mutual authentication A 
and B, data specifying the contract contents are 

30 exchanged therebetween in plaintext. 

In the conventional system as described above, the 
secret keys X1 and X2 used in the first and second 
authentication A and B can be made identical, while dif- 
ferent keys are used as the secret keys X1 and X2, 

35 respectively, so that cryptanalysis of the secret keys is 
made difficult. 

In the conventional system, however, since the data 
specifying the contract contents are exchanged in plain- 
text, the plaintext data can be deciphered or understood 

40 relatively easily by monitoring the plaintext data with 
technical knowledge of a certain degree. 

Even if the plaintext data are deciphered, alteration 
such as, for example, extension of a contract term, addi- 
tion of contract programs or the like is made to the IC 

45 card 1 or the receiving apparatus 2 is directly modified 
on the basis of the deciphered plaintext data relatively 
easily. 

Further, in the conventional system, the authentica- 
tion codes X and Y' are prepared on the basis of the sin- 

so gle random number R1 or R2 and the single secret key 
X1 or X2, respectively. Accordingly, it is relatively easy 
to cryptanalyze the secret key X1 or X2 by monitoring 
the communication between the communication appa- 
ratus and the terminal. The cryptanalysis of the secret 

55 key increases the possibility that the terminal such as 
the IC card is forged. 
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SUMMARY OF THE INVENTION 

Accordingly, it is an object of the present invention 
to provide a communication system and method capa- 
ble of maintaining the higher security than in the prior s 
art even if communication between a communication 
apparatus and a terminal is monitored. 

Further, it is another object of the present invention 
to provide a communication system and method which 
make alteration or forgery difficult as compared with the 10 
prior art. 

The communication system according to the 
present invention including a communication apparatus 
for reception or transmission and a terminal provided 
with a memory unit in which data for specifying function is 
of the communication apparatus are stored, is charac- 
terized in that the communication apparatus and the ter- 
minal each comprise a random number generating unit 
for generating a random number, an encryption/decryp- 
tion key preparing unit for preparing an encryp- 20 
tion/decryption key on the basis of both random 
numbers generated by the respective random number 
generating units of the communication apparatus and 
the terminal and a secret key held in common by the 
communication apparatus and the terminal, and an 25 
encryption/decryption processing unit for encrypting or 
decrypting communication data between the communi- 
cation apparatus and the terminal including the data by 
using the encryption/decryption key. 

In the communication system according to the 30 
present invention, the respective encryption/decryption 
key preparing units provided in the communication 
apparatus and the terminal prepare the encryp- 
tion/decryption keys on the basis of both the first and 
second random numbers and the secret key. Further, 35 
the communication apparatus and the terminal encrypt 
at the respective encryption/decryption processing units 
communication data between the communication appa- 
ratus and the terminal on the basis of the encryp- 
tion/decryption keys prepared on the basis of both the 40 
random' numbers and the secret key, so that communi- 
cation between the communication apparatus and the 
terminal is performed by means of the ciphertext. 

Accordingly, plaintext is not used in communication 
between the communication apparatus and the terminal 45 
as in the prior art and even if communication between 
the communication apparatus and the terminal is moni- 
tored, it is not easy to cryptanalyze data or the like for 
specifying contact contents of the communication appa- 
ratus. 50 

Furthermore, since the data or the like for specify- 
ing the contract contents are encrypted by means of the 
first and second random numbers of two kinds and the 
secret key, it is extremely complicated and difficult to 
cryptanalyze ciphertext as compared with cryptanalysis 55 
of a conventional authentication code which is 
encrypted by a single random number and a secret key 
and does not include plaintext data information. 

Consequently, the encrypted communication con- 



tents are not cryptanalysed by a relatively easy crypta- 
nalysis as in the prior art. 

Accordingly, it is not easy even for the user based 
on the regular contact to cryptanalyse communication 
contents between the terminal used by the user itself 
and the communication apparatus and alteration of the 
terminal and the communication apparatus based on 
cryptanalysis of the communication contents is pre- 
vented exactly. 

The terminal may include a reading/writing unit for 
reading data from the memory unit and writing data into 
the memory unit. The reading/writing unit may include 
judgment means for controlling reading of data from and 
writing of data into the memory unit. Further, the 
encryption/decryption key preparing means provided in 
the terminal may include signal producing means for 
producing a first signal for permitting reading of data by 
the reading/writing unit and a second signal for permit- 
ting writing of data by the reading/writing unit to supply 
the signals to the judgment means. 

The data for specifying the function of the commu- 
nication apparatus may include data for specifying a 
receivable program of the communication apparatus by 
way of example. 

Further, the data for specifying the function of the 
communication apparatus may include, as another 
example, data of a term for the receivable program 
specified by the communication apparatus. 

The signal producing means sends to the judgment 
unit a signal for permitting reading or writing. 

The signal producing means can produce first and 
second flags as the signal to the judgment unit. The 
reading/writing unit is permitted to read data from the 
memory unit in a set state of the first flag and to write 
data into the memory unit in a set state of the second 
flag. 

The random generating unit provided in the termi- 
nal may include an arithmetic operation unit for generat- 
ing the second random number by using the first 
random number generated by the random number gen- 
erating unit provided in the communication apparatus 
and a portion for storing the random number rewrrtably. 

The arithmetic operation unit may be constituted by 
an arithmetic circuit for generating the second random 
number by the arithmetic operation of the random 
number stored in the random number storage portion 
and the first random number. 

Further, the arithmetic operation unit may include a 
conversion processing circuit for converting the second 
random number. 

The random number in the random number storage 
portion can be successively updated by a value con- 
verted by the conversion processing circuit. 

Furthermore, the conversion of the conversion 
processing circuit can adopt a bit replacement process 
or a bit inversion process. 

The communication method according to the 
present invention between a communication apparatus 
for reception or transmission and a terminal provided 
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with a memory unit in which data for specifying function 
of the communication apparatus are stored, is charac- 
terized in that first and second random numbers gener- 
ated by the communication apparatus and the terminal, 
respectively, and a secret key held in common by the 
communication apparatus and the terminal are used to 
encrypt the data and the function of the communication 
apparatus is restricted by communication of the 
encrypted data 

The communication apparatus and the terminal 
each comprise a random number generating unit, an 
encryption/decryption key preparing unit for preparing 
an encryption/decryption key on the basis of the first 
and second random numbers generated by the respec- 
tive random number generating units and the secret key, 
and an encryption/decryption processing unit for 
encrypting or decrypting communication data between 
the communication apparatus and the terminal includ- 
ing the data by using the encryption/decryption key, and 
when the terminal receives a command from the com- 
munication apparatus for reading out data from the 
memory unit, the terminal encrypts the read-out data 
from the memory unit by means of the encryp- 
tion/decryption key to transmit the encrypted data to the 
communication apparatus, the terminal being respon- 
sive to a command from the communication apparatus 
for writing data into the memory unit to decrypt cipher- 
text corresponding to the data by means of the encryp- 
tion/decryption key and to write the decrypted data into 
the memory unit when the terminal receives the com- 
mand from the communication apparatus. 

The reading of data from the terminal and the writ- 
ing of data to the terminal cannot be performed at the 
same time. By preventing the writing of data from being 
performed at the same time as the reading of data, 
alteration of data to the terminal can be prevented 
exactly. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1 is a schematic diagram illustrating a commu- 
nication system according to the present invention; 
Fig. 2 is a schematic diagram similar to Fig. 1 illus- 
trating another communication system according to 
the present invention; 

Fig. 3 is a flow chart showing a data reading proc- 
ess of the communication system according to the 
present invention shown in Fig. 2; 
Fig. 4 is a flow chart showing a data writing process 
of the communication system according to the 
present invention shown in Fig. 2; 
Fig. 5 is a schematic diagram illustrating another 
example of a random number generating unit in a 
terminal of the communication system according to 
the present invention; and 
Fig. 6 is a schematic diagram illustrating a conven- 
tional communication system. 



DESCRIPTION OF THE PREFERRED EMBODI- 
MENTS 

The features which are considered characteristic of 

s the invention will be more apparent from the following 
description taken in connection with embodiments 
shown in the accompanying drawings. 

A communication system 10 according to the 
present invention illustrated in Fig. 1 as an example 

10 comprises a receiving apparatus 1 1 such as, for exam- 
ple, a television receiver and a terminal 1 2 in which data 
for specifying the function of the receiving apparatus are 
stored. In the following description, an IC card 12 is 
used as the terminal 12 by way of example. 

is The communication system 10 according to the 
present invention comprises the receiving apparatus 1 1 
and the IC card 12 for storing data relative to, for exam- 
ple, a receiving channel or a receiving term of the 
receiving apparatus 1 1 . 

20 The receiving apparatus 11 includes a random 
number generator 13' for generating a random number 
R1, an encryption/decryption key preparing unit 14' for 
preparing an encryption/decryption key on the basis of 
a secret key X1 held in common by the receiving appa- 

25 ratus 11 and the IC card 12, and an encryption/decryp- 
tion processing unit 15' for encrypting plaintext or 
decrypting cryptogram or ciphertext by using the 
encryption/decryption key Y1 prepared by the encryp- 
tion/decryption key preparing unit 1 4*. 

30 The IC card 1 2 combined with the receiving appara- 
tus 1 1 includes a random number generator 13 for gen- 
erating a random number R2, an encryption/decryption 
key preparing unit 14 for preparing an encryp- 
tion/decryption key on the basis of the secret key X1, 

35 and an encryption/decryption processing unit 15 for 
encrypting plaintext or decrypting ciphertext by using 
the encryption/decryption key Y1 prepared by the 
encryption/decryption key preparing unit 14. 

Further, the IC card 12 includes a memory unit 16 

40 made of a rewritable memory such as, for example, an 
EEPROM (Electrically Erasable Programmable Read 
Only Memory) for storing programs or data and a read- 
ing/writing unit 1 7 for writing data into the memory unit 
and reading data from the memory unit. 

45 The encryption/decryption key preparing units 14' 
and 14 of the receiving apparatus 1 1 and the IC card 12, 
respectively, prepare the encryption/decryption key on 
the basis of the respective secret key X1 by using the 
random numbers R1 and R2 generated by the respec- 

so tive random number generator 13' and 13 and the ran- 
dom numbers R2 and R1 received from the other unit by 
means of communication between the receiving appa- 
ratus 1 1 and the IC card 12, respectively. 

Further, the encryption/decryption processing units 

55 1 5' and 1 5 of the receiving apparatus 1 1 and the IC card 
12, respectively, encrypt plaintext or decrypt ciphertext 
by using the encryption/decryption key Y1 prepared by 
the respective encryption/decryption key preparing unit 
14* and 14, respectively. 
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Operation of each unit of the communication sys- 
tem 10 is now described. 

Before communication of cryptogram between the 
receiving apparatus 1 1 and the IC card 12, the first ran- 
dom number R1 generated by the random number gen- 
erator 13' of the receiving apparatus 1 1 is sent to the IC 
card 12 (step S1). On the other hand, the second ran- 
dom number R2 generated by the random number gen- 
erator 13 of the IC card 12 is sent to the receiving 
apparatus 11 (step S2). Consequently, the receiving 
apparatus 11 and the IC card 12 hold both of the first 
and second random numbers R1 and R2. 

The encryption/decryption key preparing units 14' 
and 14 prepare the encryption/decryption key Y1 on the 
basis of the secret key X1 held in common by both of the 
receiving apparatus 1 1 and the IC card 1 2 by using both 
of the first and second random numbers R1 and R2 
(steps S3 and S3*). 

The encryption/decryption processing units 15* and 
15 of the receiving apparatus 11 and the IC card 12, 
respectively, perform encryption and decryption by 
using the encryption/decryption key Y1 (steps S4, S4' 
and S5. S5% 

The encryption/decryption key preparing units 14' 
and 14 can be constituted by, for example, an XOR cir- 
cuit which attains an exclusive OR of both the first and 
second random numbers R1 and R2 and the secret key 
XI . It is desirable that even if each of the random num- 
bers R1 and R2 is varied slightly the encryption/decryp- 
tion key Y1 prepared by the encryption/decryption key 
preparing units 14' and 14 is varied greatly. 

More particularly, when one bit or so of a series of 
bits representative of the random number R1 or R2 to 
be inputted is varied, it is desirable to use the encryp- 
tion/decryption key preparing unit 14' or 14 which pre- 
pares the encryption/decryption key Y1 which is an 
output corresponding to the inputted random number 
and constituted by a series ofbits having, for example, 
four to five bits of which values are varied. 

The subsequent procedure is various depending on 
programs or applications in the IC card 12 for specifying 
the function of the receiving apparatus 1 1 . 

Among these applications, an application which 
allows the receiving apparatus 1 1 to receive a specific 
receiving channel on the basis of a contract by means of 
the IC card 12 is now described. 

When the IC card 12 is loaded into the receiving 
apparatus 1 1 , the reading/writing unit 1 7 of the IC card 
12 reads out data relative to the receivable channel 
stored in the memory unit 1 6 in plaintext on the basis of 
a reading command from the receiving apparatus 1 1 to 
supply the data to the encryption/decryption processing 
unit 15. The encryption/decryption processing unit 15 
encrypts the read plaintext data by using the encryp- 
tion/decryption key Y1 (step S5). Then, the encrypted 
data or the read data are sent to the receiving apparatus 
11 (step S6). 

The read data received by the receiving apparatus 
1 1 are decrypted at the encryption/decryption process- 
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ing unit 15* of the receiving apparatus 11 by using the 
encryption/decryption key Y1 (step SSy 

On the basis of the plaintext data decrypted by the 
above decryption, restrictions are placed on function of 

s the receiving apparatus 1 1 so that the receiving appara- 
tus 1 1 can receive only a predetermined channel speci- 
fied by the data and the receiving apparatus 1 1 exhibits 
only predetermined function. 

Further, when the receiving apparatus 11 receives 

10 a command of writing data to the IC card 1 2, the receiv- 
ing apparatus 1 1 encrypts plaintext of the write data at 
the encryption/decryption processing unit 15' by using 
the encryption/decryption key Y1 (step S4 1 ). The 
encrypted write data is sent to the IC card 12 (step ST). 

is The write data received by the IC card 12 is 
decrypted at the encryption/decryption processing unit 
15 by using the encryption/decryption key Y1. The 
decrypted plaintext data is written in the memory unit 16 
by the reading/writing unit 17. 

20 The reading of data from the memory unit 16 and 
the writing of data to the memory unit 16 of the IC card 
12 can be executed by the reading/writing unit 17 only 
when the processes at the above steps S1 to S3 have 
been completed normally. 

25 Judgment as to whether the processes of the steps 
S1 to S3 have been completed normally or not can be 
made by judgment means 17a using, for example, one 
or a plurality of flags as described later. 

In communication between the receiving apparatus 

30 1 1 and the IC card 12, data are not exchanged in plain- 
text, and ciphertext is used to exchange data. Further- 
more, since two kinds of the first and second random 
numbers are used to prepare the ciphertext, data can- 
not be cryptanalyzed easily as in the prior art even if 

35 cryptanalysis by monitoring of communication between 
the receiving apparatus 11 and the IC card 12 is tried. 

Accordingly, the security of the communication sys- 
tem 10 is enhanced as compared with the prior art. 
More particularly, the encryption/decryption key Y1 

40 is varied in accordance with the random numbers R1 
and R2 each time data is read and written. Accordingly, 
even if a number of read data or write data as described 
above are monitored and the encrypted communication 
information obtained by the monitoring and operation 

45 thereof are analyzed, it is substantially impossible to 
analyze commands, even if the commands are plaintext 
data, or the data itself. 

Further, even if the commands of plaintext data or 
the data itself are not analyzed, there remains the pos- 

50 sibility that contents of the communication information 
can be analyzed by the analysis of encrypted specific 
communication information and operation thereof. How- 
ever, as described above, since the analyzed communi- 
cation information includes a parameter of the 

55 encryption/decryption key Y1 varied each time data is 
read and written, it is extremely difficult to decrypt the 
communication information in order to understand the 
plaintext data corresponding to the communication 
information. 
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Furthermore, even rf the contents of the communi- 
cation information including the parameter of the 
encryption/decryption key Y1 are analyzed and the 
communication information obtained with the intention 
of rewriting data in the memory unit 16 is inputted to the 5 
encryption/decryption processing unit 15 of the IC card 
12, it is substantially impossible to rewrite data to 
intended contents since the encryption/decryption key 
Y1 upon analysis is different from the encryp- 
tion/decryption toy Y1 upon writing. 10 

Accordingly, the security of communication 
between the receiving apparatus 1 1 and the IC card 12 
can be enhanced and furthermore alteration or forgery 
by rewriting of data in the IC card 12 can be prevented 
exactly. 

As described above, in the communication system 
10, the encryption/decryption key Y1 is prepared from 
the two random numbers R1 and R2 and the secret key 
X1 and data encrypted by using the encryption/decryp- 
tion key Y1 are exchanged between the receiving appa- 
ratus 1 1 and the IC card 12. 

Accordingly, even when data having the same con- 
tents are read/written, values of the random numbers 
R1 and R2 used upon execution thereof are varied and 
a value of the encryption/decryption key Y1 is varied in 
accordance with the variation of the random numbers. 

Accordingly, as described above, even if communi- 
cation between the receiving apparatus 1 1 and the IC 
card 12 is monitored, cryptanalysis of ciphertext is not 
easy and high security can be ensured. 

Further, even if contents of the communication 
information including the parameter of the encryp- 
tion/decryption key Y1 are analyzed, since a value of 
the encryption/decryption key Y1 is varied each time 
data is read/written, alteration or forgery by rewriting of 
data in the IC card 12 can be prevented exactly and fur- 
ther alteration or forgery that the receiving apparatus 1 1 
does not require the IC card 12 can be also prevented 
exactly. 

The communication system 10 shown in Fig. 2 is 
basically identical with the communication system 10 
shown in Fig. 1 . In the communication system of Fig. 2, 
reading of data from and writing of data into the memory 
unit 16 of the IC card 12 is controlled by two flags from 
the encryption/decryption key preparing unit 14 of the 
IC card 12. 

In Fig. 2, the encryption/decryption processing 
units 15* and 15, the memory unit 16 and the like are 
omitted for simplification of the drawing. 

The encryption/decryption key preparing unit 14 of 
the IC card 12 includes signal producing means 14a for 
producing a first flag signal F1 which is a first signal and 
a second flag signal F2 which is a second signal. 

Upon turning on of a power supply of the IC card 12 
and upon resetting of the IC card 12, both the signals 
from the signal producing means 14a are set to a non- 
output state or a reset state "0" representing that read- 
ing and writing of data are not permitted. 

When the encryption/decryption key preparing unit 



14 of the IC card 12 prepares the encryption/decryption 
key Y1, the signal producing means 14a sets both the 
first and second flag signals F1 and F2 to "1" represent- 
ing that reading or writing of data is permitted. 

The reading/writing unit 17 of the IC card 12 
includes judgment means 17a which receives the flag 
signals F1 and F2. 

When the readingAwiting unit 17 receives an 
instruction for a data reading process for reading data 
from the memory unit 16 (Fig. 1), the reading/writing 
unit 1 7 changes the second flag F2 to the reset state "0" 
if the first flag F1 is in the set state "1". Further, when the 
reading/writing unit 1 7 receives an instruction for a data 
writing process for writing data into the memory unit 16, 
the reading/writing unit 17 changes the first flag F1 to 
the reset state n 0" if the second flag F2 is in the set state 
M r. 

The operating of reading data from and writing data 
into the memory unit 16 of the IC card 12 is now 
described with reference to Figs. 3 and 4. 

When the encryption/decryption key Y1 is prepared 
by the encryption/decryption key preparing unit 14 of 
the IC card 12 as described above with reference to Rg. 
1, the encryption/decryption key preparing unit 14 sets 
both the first and second flags F1 and F2 to the set state 
"1". 

At this time, when the reading/writing unit 17 receives 
the command for the data reading process, the judg- 
ment means 17a judges whether the first flag F1 is in 
the set state or not (step S21) as shown in Fig. 3. 

When the first flag F1 is in the reset state "0", the 
readingA/vriting unit 17 terminates the data reading 
process. 

On the other hand, when the first flag F1 is in the 
set state "1 H , the second flag F2 is changed to the reset 
state "0" (step S22). In this flag state, the reading/writing 
unit 1 7 reads out plaintext data from the memory unit 1 6 
(Fig. 1). The plaintext data are encrypted by the encryp- 
tion/decryption processing unit 15 by using the encryp- 
tionAjecryption key Y1 as described above (step S23) 
and are then transmitted to the receiving apparatus 1 1 
as ciphertext (step S24). 

Further, as shown in Fig. 4, when the reading/writ- 
ing unit 17 receives the command for the data writing 
process, the judgment means 17a judges whether the 
second flag F2 is in the set state or not (step S31). 

When the second flag F2 is in the reset state "0", 
the reading/writing unit 17 terminates the data writing 
process. 

On the other hand, when the second flag F2 is in 
the set state "1 the first flag F1 is changed to the reset 
state "0" (step S32). In this flag state, the encryp- 
tion/decryption processing unit 15 of the IC card 12 
decrypts the encrypted write data sent from the receiv- 
ing apparatus 1 1 by using the encryption/decryption key 
Y1 (step S33). The decrypted plaintext data are written 
in the memory unit 16 by the reading/writing unit 17 
(step S34). 

In the communication system 10 shown in Fig. 2, 
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the IC card 12 uses the first and second flags, so that 
simultaneous or parallel processing of the data reading 
process and the data writing process is impossible and 
only one of them can be selectively performed. Accord- 
ingly, the simultaneous processing of the data reading 5 
process and the data writing process using the same 
encryption/decryption key Y1 is impossible. 

In other words, the encryption/decryption key Y1 is 
varied for each of the data reading process or the data 
writing process. Accordingly, even if contents of plain- 10 
text data are identical, encrypted communication data 
are varied for each communication since the encryp- 
tion/decryption key Y1 is varied. 

Accordingly, higher security can be ensured. 

In addition, in the communication system 10 shown 
in Fig. 2, for example, even if a combination of one plain- 
text and ciphertext corresponding to the plaintext is clar- 
ified to thereby cryptanalyze an encryption/decryption 
key Y1 used at this time and altered data are written in 
order to alter the IC card 12, an encryption/decryption 
key Y1 upon writing thereof is different from the cryptan- 
alyzed encryption/decryption key Y1 . 

Accordingly, it is impossible to alter data as desired 
and forgery of the IC card 12 by alteration of data can be 
prevented exactly. 

In order to prevent the forgery of the IC card 12 by 
alteration of data, various proper measures can be 
adopted instead of adoption of the above flags to make 
it impossible to perform the simultaneous processing of 
the data reading process and the data writing process. 

As the random number generators 1 3' and 1 3 of the 
receiving apparatus 11 and the IC card 12 shown in 
Figs. 1 and 2, a well-known random number generator 
for generating random numbers in hardware manner or 
a microprocessor for generating random numbers in 
software manner can be adopted. 

However, in order to make small the IC card 12, the 
random number generator 13 of the IC card 12 is desir- 
ably configured as shown in Fig. 5. 

The random number generator 13 of the IC card 12 
includes, as shown in Fig. 5, a random number storage 
portion 18 constituted by a rewritable memory, for 
example, and an arithmetic operation portion 19. 

The arithmetic operation portion 19 includes, in an 
example shown in Fig. 5, an arithmetic circuit 19a con- 
stituted by an XOR (exclusive-OR) circuit and a random 
number conversion circuit 19b for converting a random 
number. 

An initial value R of an random number having 8 
bits, for example, is stored in the random number stor- 
age portion 18 and the arithmetic circuit 19a generates 
a random number R2 by an arithmetic operation (XOR) 
of the random number R1 of, for example, 8 bits 
received from the receiving apparatus 1 1 and the initial 
value R from the random number storage portion 18. 

Further, the random number R2 generated by the 
random number conversion circuit 19b is sent to the 
encryption/decryption key preparing unit 14' of the 
receiving apparatus 1 1 and the encryption/decryption 



key preparing unit 14 of the IC card 12 in order to pre- 
pare the encryption/decryption key Y1 in the same man- 
ner as in the above example. 

Further, the random number R2 prepared by the 
random number conversion circuit 19b is sent to the 
random number storage portion 18 in order to rewrite 
the initial value of the random number after converted 
by the random number conversion circuit 19b. Conse- 
quently, the initial value R of the random number is suc- 
cessively updated each time data is read or written 
subsequently. 

Accordingly, security of communication between 
the receiving apparatus 11 and the IC card 12 can be 
further improved. 

The conversion process by the random number 
conversion circuit 19b can adopt a bit inversion process 
that "1 " or "O" of a specific bit of the random number R2 
is inverted, a bit replacement process that a position of 
a specif ic bit is replaced with another position or another 
conversion process properly. 

In the example shown in Fig. 5, the random number 
R1 generated by the receiving apparatus 1 1 can be uti- 
lized to generate the random number R2 in the IC card 
12. Accordingly, the random number R2 can be pre- 
pared properly without provision of a microprocessor for 
executing a random number generating program in the 
IC card 12 and without provision of a random number 
generator having a complicated configuration as the 
random number generator 13 in the IC card 12. 

Accordingly, the security of communication can be 
further enhanced and configuration of the IC card can 
be simplified. 

In the foregoing description, the IC card is 
described as an example of the terminal, while various 
terminals such as a module, a package or the like 
including integrated circuits can be used regardless of a 
form thereof. 

Further, as the memory unit of data used in various 
application programs and the random number storage 
portion, electrically rewritable non-volatile memory 
means such as a static random access memory 
(SRAM) with a backup power supply can be properly 
used in addition to the EEPROM. 

Furthermore, the present invention is not limited to 
a specific encryption system or an interlace system 
between the communication apparatus and the terminal 
and can be applied to any encryption system or a con- 
tact or non-contact type interface system. 

Claims 

1. A communication system including a communica- 
tion apparatus for reception or transmission and a 
terminal provided with a memory unit in which data 
for specifying function of said communication appa- 
ratus are stored, wherein 

said communication apparatus and said ter- 
minal each comprise: 
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a random number generating unit for generat- 
ing a random number; 

an encryption/decryption key preparing unit for 
preparing an encryption/decryption key on the 
basis of both random numbers generated by 
said respective random number generating 
units of said communication apparatus and 
said terminal and a secret key held in common 
by said communication apparatus and said ter- 
minal; and 

an encryption/decryption processing unit for 
encrypting or decrypting communication data 
between said communication apparatus and 
said terminal including said data by using said 
encryption/decryption key. 

2. A communication system according to Claim 1, 
wherein said terminal further comprises a read- 
ing/writing unit for reading data from said memory 
unit and writing data into said memory unit, 

said reading/writing unit including judgment 
means for controlling reading of data from and writ- 
ing of data into said memory unit, 

said encryption/decryption key preparing 
unit provided in said terminal including signal pro- 
ducing means for producing a signal for permitting 
reading and writing of data by said reading/writing 
unit to supply said signal to said judgment means. 

3. A communication system according to Claim 2, 
wherein said signal producing means produces a 
first signal for permitting reading of data by said 
reading/writing unit to supply said first signal to said 
judgment means and produces a second signal for 
permitting of writing of data by said reading/writing 
unit to supply said second signal to said judgment 
means. 

4. A communication system according to Claim 1, 
wherein said data for specifying the function of said 
communication apparatus comprises data for spec- 
ifying a receivable program of said communication 
apparatus. 

5. A communication system according to Claim 1, 
wherein said data for specifying the function of said 
communication apparatus comprises data of a term 
for a receivable program specified by said commu- 
nication apparatus. 

6. A communication system according to Claim 3, 
wherein said signal producing means produces first 
and second flags to supply said flags to said judg- 
ment means, and 

said reading/writing unit is permitted to read 
data from said memory unit when said first flag is in 
a set state and to write data into said memory unit 
when said second flag is in a set state. 



7. A communication system according to Claim 1 or 2, 
wherein said random number generating unit pro- 
vided in said terminal includes an arithmetic opera- 
tion portion for generating said second random 

5 number by using said first random number gener- 
ated by said random number generating unit pro- 
vided in said communication apparatus and a 
random number storage portion for storing random 
numbers rewritably. 

w 

8. A communication system according to Claim 7, 
wherein said arithmetic operation portion includes 
an arithmetic operation circuit for generating said 
second random number by means of an arithmetic 

is operation of said random number stored in said 
random number storage unit and said first random 
number. 

9. A communication system according to Claim 8, 
20 wherein said arithmetic operation portion includes a 

conversion processing circuit for converting said 
second random number, and said random number 
in said random number storage portion is updated 
so that said random number is equal to a converted 
25 value obtained from said conversion processing cir- 
cuit. 

10. A communication system according to Claim 9, 
wherein said conversion process by said conver- 

30 sion processing circuit is a bit replacement process. 

11. A communication system according to Claim 9, 
wherein said conversion process by said conver- 
sion processing circuit is a bit inversion process. 

35 

12. A communication method between a communica- 
tion apparatus for reception or transmission and a 
terminal provided with a memory unit in which data 
for specifying function of said communication appa- 

40 ratus are stored, wherein 

first and second random numbers generated 
by said communication apparatus and said termi- 
nal, respectively, and a secret key held in common 
by sard communication apparatus and said terminal 

45 are used to encrypt said data and the function of 
said communication apparatus is restricted by com- 
munication of said encrypted data. 

13. A communication method according to Claim 12, 
so wherein said communication apparatus and said 

terminal each comprise a random number generat- 
ing unit, an encryption/decryption key preparing 
unit for preparing an encryption/decryption key on 
the basis of said first and second random numbers 
55 generated by said respective random number gen- 
erating units and said secret key, and an encryp- 
tion/'decryption processing unit for encrypting or 
decrypting communication data between said com- 
munication apparatus and said terminal including 
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said data by using said encryptiorVdecryption key, 
and 

when said terminal receives a command 
from said communication apparatus for reading out 
data from said memory unit, said terminal encrypts 5 
said read-out data from said memory unit by means 
of said encryption/decryption key to transmit said 
encrypted data to said communication apparatus, 

said terminal being responsive to a com- 
mand from said communication apparatus for writ- w 
ing data into said memory unit to decrypt ctphertext 
corresponding to the data by means of said encryp- 
tion/decryption key and to write said decrypted 
data into said memory unit when said terminal 
receives said command from said communication 75 
apparatus. 

14. A communication method according to Gaim 13, 
wherein the reading of data from said terminal and 
the writing of data to, said terminal cannot be per- 20 
formed at the same time. 
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Fig . 3 
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Fig . 4 
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